Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
template injection vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2012-4902
Multiple cross-site request forgery (CSRF) vulnerabilities in Template CMS 2.1.1 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) create an administrator user via an add action to admin/index.php or (2) conduc...
Template Cms Project Template Cms
1 EDB exploit
7.5
CVSSv2
CVE-2008-5950
SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote malicious users to execute arbitrary SQL commands via the mcatid parameter.
Aspapps Template Creature Nil
1 EDB exploit
5
CVSSv2
CVE-2008-5951
ASP Template Creature stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for workDB/templatemonster.mdb.
Aspapps Template Creature Nil
1 EDB exploit
7.5
CVSSv2
CVE-2010-2510
SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote malicious users to execute arbitrary SQL commands via the tid parameter.
2daybiz Web Template Software
1 EDB exploit
4.3
CVSSv2
CVE-2010-2509
Multiple cross-site scripting (XSS) vulnerabilities in 2daybiz Web Template Software allow remote malicious users to inject arbitrary web script or HTML via the (1) keyword parameter to category.php and the (2) password parameter to memberlogin.php.
2daybiz Web Template Software
1 EDB exploit
7.5
CVSSv2
CVE-2007-4109
SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows remote malicious users to execute arbitrary SQL commands via the Password parameter.
Codewidgets Online Event Registration Template
1 EDB exploit
7.5
CVSSv2
CVE-2010-2254
SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in an article action to index.php.
Shape5 Bridge Of Hope Template
1 EDB exploit
7.5
CVSSv2
CVE-2007-5233
SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a readmore action.
Deonixscripts Web Template Management System 1.3
1 EDB exploit
NA
CVE-2022-21186
The package @acrontum/filesystem-template prior to 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input.
Acrontum Filesystem-template
7.5
CVSSv2
CVE-2005-3798
SQL injection vulnerability in admin/index.php in AlstraSoft Template Seller Pro 3.25 allows remote malicious users to execute arbitrary SQL commands via the username field.
Alstrasoft Template Seller 3.25
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »